Cymulate’s research team has discovered a way to abuse the Online Video feature on Microsoft Word to execute malicious code (Read the press release here). Attackers could use this for malicious purposes such as phishing, as the document will show the embedded online video with a link to YouTube, while disguising a hidden html/javascript code that will be running in the background and could potentially lead to further code execution scenarios.

https://blog.cymulate.com/abusing-microsoft-office-online-video